Network+ Jason Dion's practice test

Which of the following communication types cannot be used with IPv6? Anycast Broadcast Unicast Multicast

Broadcast OBJ-1.4: Broadcast only works with IPv4. Broadcast communication has one sender, but it sends the traffic to every device on the network. Anycast communications are sent to the nearest receiver in a group of receivers with the same IP. Anycast only works with IPv6. Multicasting is a technique used for one-to-many communication over an IP network. In this example, the central location sends a signal to subscribed devices. It reduces bandwidth as the source only sends the signal once, which is then received by multiple hosts simultaneously. Multicast can be used with both IPv4 and IPv6. Unicast communication only has one sender and one receiver. Unicast works with IPv4 or IPv6.

Dion Training is considering moving its headquarters and data center to Florida, but they are worried about hurricanes disrupting their business operations. To mitigate this risk, Dion Training has signed a contract with a vendor located in a different state to provide hardware, software, and the procedures necessary for the company to recover quickly in the case of a catastrophic event, like a hurricane causing a power loss for up to 10 days. As the owner, Jason is a little concerned that this contract isn't sufficient to mitigate enough of the risk since it only provides a solution for the first 10 days. Jason wonders, "what will we do if a major outage occurs, and our offices are not able to be used for 6-12 months?" Jason has hired you to help develop Dion Training's long-term strategy for recovering from such an event. What type of plan should you create? Risk management plan Business continuity plan Disaster recovery plan Incident response plan

Business continuity plan OBJ-3.2: A business continuity plan (BCP) is a plan to help ensure that business processes can continue during a time of emergency or disaster. Such emergencies or disasters might include a fire or any other case where business cannot occur under normal conditions. A disaster recovery plan is useful (and usually a piece of the large business continuity plan), but it is insufficient for the long-term strategy which is needed to support business operations during an extended outage. The key difference between a DRP and BCP is that a DRP is focused on recovering from a disaster while a BCP is focused on maintaining operations before, during, and after the disaster. Usually, a DRP is a part of an overall BCP.

Which of the following BEST describes how a DHCP reservation works? By letting the network switches assign IP addresses from a reserved pool By assigning options to the computers on the network by priority By matching a MAC address to an IP address within the DHCP scope By leasing a set of reserved IP addresses according to their category

By matching a MAC address to an IP address within the DHCP scope OBJ-1.6: When the client requests an IP address by sending a message on the network to the DHCP server, the DHCP server will assign an IP from its DHCP scope to the client and reserve it based on its MAC address. DHCP reservations allow the DHCP server to pre-set an IP address to a specific client based on its MAC address. This ensures that the client will always get the same IP address from the DHCP server when it connects to the network. DHCP reservations are usually used with servers or printers on your internal network and are rarely used with end-user or client devices.

Which of the following types of telecommunication links is used to provide high-speed internet service over a system of coaxial or HFC cables? DSL Leased line Cable Satellite

Cable OBJ-1.2: Data Over Cable Service Interface Specification (DOCSIS) is used to connect a client's local area network to a high-bandwidth internet service provider over an existing coaxial cable TV system. A satellite connection is a wireless connection spread across multiple satellite dishes located both on earth and in space that provides remote areas with valuable access to core networks. A digital subscriber line (DSL) modem is a device used to connect a computer or router to a telephone line which provides the digital subscriber line service for connection to the Internet. A leased line is a private telecommunications circuit between two or more locations provided according to a commercial contract, normally over a fiber-optic connection.

Which of the following type of sites would be used if your organization plans to switch to teleworking and remote operations in the event of a disaster? Hot site Cold site Warm site Cloud site

Cloud site OBJ-3.3: A cloud site is a virtual recovery site that allows you to create a recovery version of your organization's enterprise network in the cloud. Cloud sites are useful when your disaster recovery plan includes migrating to a telework or remote operations environment. A hot site is a real-time replication of an existing network environment. All data generated and stored at the primary site is immediately replicated and backed up at the disaster recovery site. A warm site is a type of facility an organization uses to recover its technology infrastructure when its primary data center goes down. A warm site features an equipped data center but no customer data. A cold site is a backup facility with little or no hardware equipment installed. A cold site is essentially an office space with basic utilities such as power, cooling system, air conditioning, and communication equipment, etc.

Which of the following type of sites might contain a datacenter with equipment, but it is not configured and doesn't contain any user or customer data yet? Cold site Hot site Warm site Cloud site

cold site OBJ-3.3: A warm site is a type of facility an organization uses to recover its technology infrastructure when its primary data center goes down. A warm site features an equipped data center but no customer data. A cold site is a backup facility with little or no hardware equipment installed. A cold site is essentially an office space with basic utilities such as power, cooling system, air conditioning, and communication equipment, etc. A hot site is a real-time replication of an existing network environment. All data generated and stored at the primary site is immediately replicated and backed up at the disaster recovery site. A cloud site is a virtual recovery site that allows you to create a recovery version of your organization's enterprise network in the cloud. Cloud sites are useful when your disaster recovery plan includes migrating to a telework or remote operations environment.

(This is a simulated Performance-Based Question.) What is the correct color scheme for Pin 1 to Pin 8 for a T-568A connector? white/green, green, orange/white, blue, white/blue, orange, white/brown, brown blue, white/blue, orange, white/brown, brown, white/green, green, orange/white white/orange, orange, white/green, blue, white/blue, green, white/brown, brown white/green, green, white/orange, orange, blue, white/blue, white/brown, brown

white/green, green, orange/white, blue, white/blue, orange, white/brown, brown

A company wants to install a new wireless network. The network must be compatible with the 802.11ac protocol to obtain the maximum amount of throughput available. Which of the following frequencies will this wireless network utilize? 6.0 GHz 3.7 GHz 2.4 GHz 5.0 GHz

5.0 GHz OBJ-2.4: Wireless networks utilize three different frequency bands: 2.4 GHz, 5 GHz, and 6 GHz. The 2.4 GHz frequency band is used by 802.11b, 802.11g, and 802.11n. The 5 GHz frequency band is used by 802.11a, 802.11n, 802.11ac, and 802.11ax. The 6 GHz frequency band is used by Wi-Fi 6E under the 802.11ax standard.

Which of the following ports should be allowed to enable access to certain VoIP applications? 139 110 3306 5060

5060 OBJ-1.5: Session Initiation Protocol (SIP) uses ports 5060 and 5061, and is a signaling protocol for initiating, maintaining, and terminating real-time sessions that include voice, video, and messaging applications. Post Office Protocol version 3 (POP3) uses port 110 and is an application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server. Server Message Block (SMB) uses ports 139 and 445, and is a network file sharing protocol that runs on top of the NetBIOS architecture in Windows environments. MySQL uses ports 3306 and is an open-source relational database management system that is fully compatible with the structured query language (SQL).

Dion Training is configuring a new subnet at their offices in Puerto Rico and wants to assign it a portion of their public Class C IPv4 address space. Dion Training has been assigned a Class C scope of 187.15.3.0/24. The new subnet in Puerto Rico has 57 devices that will need IP addresses assigned. What is the correct CIDR notation for the new subnet in order to accommodate the 57 devices while allocating the minimum number of addresses? /27 /26 /25 /24

/26 OBJ-1.4: To answer this question, you must be able to perform a basic subnetting calculation. First, you need to determine the number of IP addresses that will be needed. In this scenario, you have 57 clients that will each need an IP address, but you also need one IP address for the network and a second IP for the broadcast. This means you need 59 IP addresses total. IP addresses are assigned in multiples of 2 (1, 2, 4, 8, 16, 32, 64, 128, 256). Since we need 59 IP addresses, we need to round up to a block of 64. To symbolize a CIDR block with 64 IP addresses, we would use /26, which is 2^6 = 64.

Dion Training is configuring a new branch office in Florida and wants to assign it a portion of their public Class C IPv4 address space. Dion Training has been assigned a Class C scope of 187.15.3.0/24. The new branch office in Florida will require 23 devices that will need IP addresses assigned. What is the correct CIDR notation for the new subnet in order to accommodate the 23 devices while allocating the minimum number of addresses? /28 /27 /26 /29

/27

Dion Training is adding a leased line link between its headquarters in Puerto Rico and its branch office in the Philippines. The organization has purchased a point-to-point network connection using a dedicated T1 circuit to link the locations together. Dion Training has been assigned a Class C scope of 187.15.3.0/24 and needs to add an IP address to each end of this T1 connection. What is the correct CIDR notation for the new subnet that will contain this T1 connection in order to accommodate the link while allocating the minimum number of addresses? /30 /27 /28 /29

/30 OBJ-1.4: To answer this question, you must be able to perform a basic subnetting calculation. First, you need to determine the number of IP addresses that will be needed. In this scenario, you have a link that requires an IP for each end of the connection, therefore we need two IP addresses. But, every network also needs one IP address for the network and a second IP address for the broadcast. This means you need 4 IP addresses total. IP addresses are assigned in multiples of 2 (1, 2, 4, 8, 16, 32, 64, 128, 256). To symbolize a CIDR block with 4 IP addresses, we would use /30, which is 2^2 = 4. Some newer network devices will support the use of a /31 (2 IP addresses) for point-to-point links like the one described in this scenario. In that cases, the network and broadcast IP addresses are not assigned, and a /31 subnet with a subnet mask of 255.255.255.254 can be used.

What is the broadcast address associated with the host located at 192.168.0.123/29? 192.168.0.63 192.168.0.255 192.168.0.191 192.168.0.127

192.168.0.127

Which of the following ethernet standards is used with a single-mode fiber optic cable? 40GBase-T 1000Base-T 10GBase-LR 10GBase-SR

10GBASE-LR OBJ-1.3: 10GBase-LR is a standard for 10 Gigabit Ethernet over single-mode fiber optic cabling. 10GBase-SR is a 10 Gigabit Ethernet LAN standard for use with multimode fiber optic cables using short-wavelength signaling. 1000Base-T and 40GBase-T are ethernet standards that use copper wiring. For the exam, remember the memory aid, "S is not single," which means that if the naming convention does not contain Base-S as part of its name then it uses a single-mode fiber cable.

You have just finished installing a new web application and need to connect it to your SQLnet database server. Which port must be allowed to enable communications through your firewall between the web application and your database server? 1521 3389 1433 3306

1521 OBJ-1.5: SQLnet uses ports 1521, and is a relational database management system developed by Oracle that is fully compatible with the structured query language (SQL). Microsoft SQL uses ports 1433 and is a proprietary relational database management system developed by Microsoft that is fully compatible with the structured query language (SQL). MySQL uses ports 3306 and is an open-source relational database management system that is fully compatible with the structured query language (SQL). Remote Desktop Protocol (RDP) uses port 3389 and is a proprietary protocol developed by Microsoft which provides a user with a graphical interface to connect to another computer over a network connection.

What is the broadcast address associated with the host located at 172.16.200.130/26? 172.16.200.191 172.16.200.190 172.16.200.159 172.16.200.158

172.16.200.191 OBJ-1.4: In classless subnets using variable length subnet mask (VLSM), the broadcast address is the last IP address associated within an assigned range. In this example, the CIDR notation is /26, so each subnet will contain 64 IP addresses. Since the IP address provided is 172.16.200.130, the broadcast address will be 172.16.200.191.

What is the broadcast address associated with the host located at 189.76.60.164/26? 189.76.60.191 189.76.60.128 189.76.60.192 189.76.60.129

189.76.60.191 OBJ-1.4: In classless subnets using variable length subnet mask (VLSM), the broadcast address is the last IP address associated within an assigned range. In this example, the CIDR notation is /26, so each subnet will contain 64 IP addresses. Since the IP address provided is 189.76.60.164, the broadcast address will be 189.76.60.191.

Which of the following levels would a critical condition generate? 4 0 2 6

2 OBJ-3.1: The severity levels range from zero to seven, with zero being the most severe and seven being the least severe. Level 0 is used for an emergency and is considered the most severe condition because the system has become unstable. Level 1 is used for an alert condition and means that there is a condition that should be corrected immediately. Level 2 is used for a critical condition, and it means that there is a failure in the system's primary application and it requires immediate attention. Level 3 is used for an error condition, and it means that something is happening to the system that is preventing the proper function. Level 4 is used for warning conditions and it may indicate that an error will occur if action is not taken soon. Level 5 is used for notice conditions and it means that the events are unusual, but they are not error conditions. Level 6 is used for information conditions and it is a normal operational message that requires no action. Level 7 is used for debugging conditions and is just information that is useful to developers as they are debugging their networks and applications.

Which of the following ports are used to provide secure remote connection sessions over the Internet? 23 25 80 22

22 OBJ-1.5: Secure Shell (SSH) uses port 22 to securely create communication sessions over the Internet for remote access to a server or system. Telnet uses port 23 to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection, but sends its data in plaintext making it an insecure protocol. The Simple Mail Transfer Protocol (SMTP) uses port 25 and is an internet standard communication protocol for electronic mail transmission. The Hypertext Transfer Protocol (HTTP) uses port 80 and is an application layer protocol for distributed, collaborative, hypermedia information systems using unencrypted data transfer.

A small law office has a network with three switches (8 ports), one hub (4 ports), and one router (2 ports). Switch 1 (switch port 8) is connected to an interface port (FastEthernet0/0) on the router. Switch 2 (switch port 8) and switch 3 (switch port 8) are connected to Switch 1 (switch ports 1 and 2). The hub has three computers plugged into it on ports 1, 2, and 3. The fourth port on the hub is connected to the router's other interface port (FastEthernet0/1). Based on the configuration described here, how many collision domains are there within this network? 4 8 2 1

4 OBJ-2.1: A collision domain is a network segment connected by a shared medium or through repeaters where simultaneous data transmissions collide with one another. Hubs do not break up collision domains, but routers and switches do. For each switchport or interface on a switch or router, there is a new collision domain. Therefore, in this network, you will have one collision domain for the hub and its clients that are connected to FastEthernet0/1. There is a second collision domain for the router's other interface (FastEthernet0/0) that is shared with Switch 1 (switch port 8). There is a third collision domain for the connection between Switch 2 and Switch 1, and a fourth domain for the connection between Switch 3 and Switch 1. If there were additional clients on any of these switches, each client would also be a part of its own collision domain, but since none were mentioned, we only have 4 collision domains in this network.

You suspect that your server has been the victim of a web-based attack. Which of the following ports would most likely be seen in the logs to indicate the attack's target? 21 389 443 3389

443 OBJ-1.5: Web-based attacks would likely appear on port 80 (HTTP) or port 443 (HTTPS). An attack against Active Directory is likely to be observed on port 389 LDAP. An attack on an FTP server is likely to be observed on port 21 (FTP). An attack using the remote desktop protocol would be observed on port 3389 (RDP).

Which cellular technology is compromised of LTE and LTE-A to provide higher data speeds than previous cellular data protocols? 4G 3G WMN 5G

4G OBJ-2.4: 4G cellular technology is made up of LTE and LTA-A. Long Term Evolution (LTE) is a packet data communications specification providing an upgrade path for both GSM and CDMA2000 cellular networks. LTE has a theoretical speed of 150 Mbps and a real-world speed of around 20 Mbps. LTE Advanced (LTE-A) has a theoretical speed of 300 Mbps and a real-world speed of around 40 Mbps. 5G cellular technology is made up of three different types: low-band, mid-band, and high-band mmWave technology. Low-band 5G reaches an average speed of 55 Mbps with a theoretical speed of 150 Mbps. Mid-band 5G reaches an average speed of 150 Mbps with a theoretical speed of 1.5 Gbps. High-band 5G reaches an average speed of 3 Gbps with a theoretical speed of up to 70 Gbps. 3G cellular technology is made up of two different technologies: HSPA+ and EV-DO. HSPA+ (Evolved High-Speed Packet Access) is a 3G standard used for GSM cellular networks and can support up to a theoretical download speed of 168 Mbps and a theoretical upload speed of 34 Mbps. In the real world, though, HSPA+ normally reaches speeds around 20 Mbps. EV-DO (Evolution-Data Optimized) is a 3G standard used for CDMA cellular networks and can support up to 3.1 Mbps downloads. A wireless mesh network (WMN) is a wireless network topology where all nodes, including client stations, can provide forwarding and path discovery to improve coverage and throughput compared to using just fixed access points and extenders.

Which of the following levels would a debugging condition generate? 0 6 7 1

7 OBJ-3.1: The severity levels range from zero to seven, with zero being the most severe and seven being the least severe. Level 0 is used for an emergency and is considered the most severe condition because the system has become unstable. Level 1 is used for an alert condition and means that there is a condition that should be corrected immediately. Level 2 is used for a critical condition, and it means that there is a failure in the system's primary application and it requires immediate attention. Level 3 is used for an error condition, and it means that something is happening to the system that is preventing the proper function. Level 4 is used for warning conditions and it may indicate that an error will occur if action is not taken soon. Level 5 is used for notice conditions and it means that the events are unusual, but they are not error conditions. Level 6 is used for information conditions and it is a normal operational message that requires no action. Level 7 is used for debugging conditions and is just information that is useful to developers as they are debugging their networks and applications.

Which type of wireless network utilizes the 2.4 GHz frequency band and reaches up to 11 Mbps speeds? 802.11a 802.11ax 802.11n 802.11b 802.11g 802.11ac

802.11B OBJ-2.4: The 802.11b (Wireless B) standard utilizes a 2.4 GHz frequency to provide wireless networking at speeds up to 11 Mbps. The 802.11a (Wireless A) standard utilizes a 5 GHz frequency to provide wireless networking at speeds up to 54 Mbps. Even though 802.11a was a faster standard, the 802.11b standard gained more widespread adoption due to the low cost of manufacturing the radios for use in the 2.4 GHz frequency band. The 802.11g (Wireless G) standard utilizes a 2.4 GHz frequency to provide wireless networking at speeds up to 54 Mbps. The 802.11n (Wireless N) standard utilizes a 2.4 GHz frequency to provide wireless networking at speeds up to 108 Mbps or a 5.0 GHz frequency to provide wireless networking at speeds up to 600 Mbps. Wireless N supports the use of multiple-input-multiple-output (MIMO) technology to use multiple antennas to transmit and receive data at higher speeds. Wireless N supports channel bonding by combining two 20 MHz channels into a single 40 MHz channel to provide additional bandwidth. The 802.11ac (Wireless AC or Wi-Fi 5) standard utilizes a 5 GHz frequency to provide wireless networking at theoretical speeds up to 3.5 Gbps. Wireless AC uses channel bonding to create a single channel of up to 160 MHz to provide additional bandwidth. Wireless AC uses multi-user multiple-input-multiple-output (MU-MIMO) technology to use multiple antennas to transmit and receive data at higher speeds. The 802.11ax (Wireless AX or Wi-Fi 6) standard utilizes 2.4 GHz and 5.0 GHz frequencies to provide wireless networking at theoretical speeds up to 9.6 Gbps. Wireless AC uses orthogonal frequency-division multiple access (OFDMA) to conduct multiplexing of the frequencies transmitted and received to each client to provide additional bandwidth. Wireless AC uses channel bonding to create a single channel of up to 160 MHz to provide additional bandwidth. Wireless AC uses multi-user multiple-input-multiple-output (MU-MIMO) technology to use multiple antennas to transmit and receive data at higher speeds. Wireless AC also has a version called Wi-Fi 6E that supports the 6GHz frequency instead of the 2.4 GHz and 5.0 GHz frequencies used in Wi-Fi 6.

Which type of wireless network utilizes the 5 GHz frequency band and reaches speeds of up to 3.5 Gbps? 802.11ac 802.11ax 802.11g 802.11n 802.11a 802.11b

802.11ac OBJ-2.4: The 802.11ac (Wireless AC or Wi-Fi 5) standard utilizes a 5 GHz frequency to provide wireless networking at theoretical speeds up to 3.5 Gbps. Wireless AC uses channel bonding to create a single channel of up to 160 MHz to provide additional bandwidth. Wireless AC uses multi-user multiple-input-multiple-output (MU-MIMO) technology to use multiple antennas to transmit and receive data at higher speeds.

Your company is currently using a 5 GHz wireless security system, so your boss has asked you to install a 2.4 GHz wireless network to use for the company's computer network to prevent interference. Which of the following can NOT be installed to provide a 2.4 GHz wireless network? 802.11b 802.11g 802.11n 802.11ac

802.11ac The 802.11ac (Wireless AC or Wi-Fi 5) standard utilizes a 5 GHz frequency to provide wireless networking at theoretical speeds up to 5.5 Gbps.

Which type of wireless network utilizes the 2.4 GHz or 5 GHz frequency bands and reaches speeds of 108 Mbps to 600 Mbps? 802.11a 802.11n 802.11ac 802.11g 802.11ax 802.11b

802.11n OBJ-2.4: The 802.11n (Wireless N) standard utilizes a 2.4 GHz frequency to provide wireless networking at speeds up to 108 Mbps or a 5.0 GHz frequency to provide wireless networking at speeds up to 600 Mbps. Wireless N supports the use of multiple-input-multiple-output (MIMO) technology to use multiple antennas to transmit and receive data at higher speeds. Wireless N supports channel bonding by combining two 20 MHz channels into a single 40 MHz channel to provide additional bandwidth. The 802.11a (Wireless A) standard utilizes a 5 GHz frequency to provide wireless networking at speeds up to 54 Mbps. The 802.11b (Wireless B) standard utilizes a 2.4 GHz frequency to provide wireless networking at speeds up to 11 Mbps. The 802.11g (Wireless G) standard utilizes a 2.4 GHz frequency to provide wireless networking at speeds up to 54 Mbps. The 802.11ac (Wireless AC or Wi-Fi 5) standard utilizes a 5 GHz frequency to provide wireless networking at theoretical speeds up to 3.5 Gbps. Wireless AC uses channel bonding to create a single channel of up to 160 MHz to provide additional bandwidth. Wireless AC uses multi-user multiple-input-multiple-output (MU-MIMO) technology to use multiple antennas to transmit and receive data at higher speeds. The 802.11ax (Wireless AX or Wi-Fi 6) standard utilizes 2.4 GHz and 5.0 GHz frequencies to provide wireless networking at theoretical speeds up to 9.6 Gbps. Wireless AC uses orthogonal frequency-division multiple access (OFDMA) to conduct multiplexing of the frequencies transmitted and received to each client to provide additional bandwidth. Wireless AC uses channel bonding to create a single channel of up to 160 MHz to provide additional bandwidth. Wireless AC uses multi-user multiple-input-multiple-output (MU-MIMO) technology to use multiple antennas to transmit and receive data at higher speeds. Wireless AC also has a version called Wi-Fi 6E that supports the 6GHz frequency instead of the 2.4 GHz and 5.0 GHz frequencies used in Wi-Fi 6.

Which of the following IEEE specifications describes the use of VLANs? 802.1q 802.3af 802.1x 802.1d

802.1Q OBJ-2.3: 802.1Q is the networking standard that supports virtual LANs on an IEEE 802.3 Ethernet network. The standard defines a system of VLAN tagging for Ethernet frames and the accompanying procedures to be used by bridges and switches in handling such frames. Power over Ethernet (POE) is a technology that lets network cables carry electrical power. POE is defined in the IEEE 802.3af. The IEEE 802.1x standard is a network authentication protocol that opens ports for network access when an organization authenticates a user's identity and authorizes them for access to the network. This defines port security. The user's identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server. The Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks to prevent bridge loops and the broadcast storms that results from them. STP is defined in the IEEE 802.1d standard.

You are setting up uplink ports for multiple switches to communicate with one another. All of the VLANs should communicate from the designated server switch. Which of the following should be set on the trunk ports if VLAN 1 is not the management VLAN? 802.1d 802.1x 802.1af 802.1q

802.1q OBJ-2.3: The IEEE 801.q standard is used to define VLAN tagging for Ethernet frames and the accompanying procedures to be used by bridges and switches in handling such frames. Traffic should be properly tagged when combined over a single trunk port to ensure they are not sent to the wrong VLAN by mistake. If VLAN tagging is not enabled, all of the VLAN traffic will be sent to the native or default VLAN, VLAN 1. By default, VLAN 1 is enabled and all unused ports are assigned to it. The Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks to prevent bridge loops and the broadcast storms that result from them. STP is defined in the IEEE 802.1d standard. Power over Ethernet (POE) is a technology that lets network cables carry electrical power. POE is defined in the IEEE 802.3af. The IEEE 802.1x standard is a network authentication protocol that opens ports for network access when an organization authenticates a user's identity and authorizes them for access to the network. The user's identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server.

Which of the following IEEE specifications describes the use of the link aggregation control protocol (LACP)? 802.3af 802.3ad 802.1x 802.1d

802.3ad OBJ-2.3: Link Aggregation Control Protocol or LACP is one element of an IEEE specification (802.3ad) that provides guidance on the practice of link aggregation for data connections. The Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks to prevent bridge loops and the broadcast storms that results from them. STP is defined in the IEEE 802.1d standard. The IEEE 802.1x standard is a network authentication protocol that opens ports for network access when an organization authenticates a user's identity and authorizes them for access to the network. This defines port security. The user's identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server. Power over Ethernet (POE) is a technology that lets network cables carry electrical power. POE is defined in the IEEE 802.3af.

You are installing a Small Office/Home Office (SOHO) network consisting of a router with 2 ports, a switch with 8 ports, and a hub with 4 ports. The router has one port connected to a cable modem and one port connected to switch port #1. The other 6 ports on the switch each have a desktop computer connected to them. The hub's first port is connected to switch port #2. Based on the description provided, how many collision domains exist in this network? 11 9 8 3

9 OBJ-2.1: Based on the description provided, there are 9 collision domains. Each port on the router is a collision domain (2), each port on the switch is a collision domain (8), and all of the ports on the hub make up a single collision domain (1). But, since one of the ports on the router is connected to one of the switch ports, they are in the same collision domain (-1). Similarly, the hub and the switch share a common collision domain connected over the switch port (-1). This gives us 9 collision domains total: the 8 ports on the switch and the 1 port on the route that is used by the cable modem.

What port number does POP3 over SSL utilize? 143 993 110 995

995 OBJ-1.5: Post Office Protocol version 3 over SSL (POP3 over SSL) uses port 995 and is an application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server that operates using an SSL or TLS encrypted tunnel. Post Office Protocol version 3 (POP3) uses port 110 and is an application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server. Internet Message Access Protocol (IMAP) uses port 143 and is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection. Internet Message Access Protocol (IMAP) over SSL uses port 993 and is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection.

A network administrator needs to install a centrally located firewall that needs to block specific incoming and outgoing IP addresses without denying legitimate return traffic. Which type of firewall should the administrator install? A stateful network-based firewall A host-based stateless firewall A stateless network-based firewall A host-based stateful firewall

A stateful network-based firewall OBJ-2.1: A stateful firewall enhances security through packet filtering, and these types of firewalls also keep track of outbound requests and open the port for the returning traffic to enter the network. Since a centrally located firewall was required by the question, a network-based firewall should be chosen instead of a host-based firewall.

Dion Training has just installed a web server for a new domain name. Which of the following DNS records would need to be created to allow users to reach the website using its domain name and then redirect clients to the proper IPv6 address for the server? SOA A MX AAAA

AAAA OBJ-1.6: An AAAA record associates your domain name with an IPv6 address. An A record associates your domain name with an IPv4 address. An MX record is used for outgoing (SMTP) and incoming (POP3/IMAP) traffic. A Start of Authority (SOA) resource record indicates which Domain Name Server (DNS) is the best source of information for the specified domain.

Workers in a company branch office must visit an initial web page and click the "I agree" button before being able to surf the web. Which of the following is this an example of? SLA MOU AUP EULA

AUP OBJ-3.2: AUP stands for acceptable use policy. If you're agreeing to what you can and can't view, you accept the AUP. MOU is a memo of understanding which typically contains an agreement on certain actions. SLA is a service-level agreement that is usually made between two companies to state what level of service is expected if machines go down, etc., and when they can expect to be back up and running. EULA is an end-user license agreement and is used during the installation of a piece of software.

A technician needs to limit the amount of broadcast traffic on a network and allow different segments to communicate. Which of the following should the technician install to satisfy this requirement? Add a multilayer switch and create a VLAN Add a bridge between two switches Add a router and enable OSPF Add a firewall and implement proper ACL

Add a multilayer switch and create a VLAN OBJ-2.1: By adding a multilayer (layer 3) switch, the technician can improve network routing performance and reduce broadcast traffic. Creating a VLAN provides LAN segmentation, as well, within the network and the multilayer switch can conduct the routing between VLANs as needed. Just adding a single router would only create two broadcast domains, but adding the multilayer switch and configuring VLANs would allow you to add as many broadcast domains as you need. Each VLAN is its own broadcast domain. A bridge is a layer 2 device, it does not break apart broadcast domains. A firewall isn't designed to break apart broadcast domains, this is a job for a router or a layer 3 switch.

Which of the following would NOT be useful in defending against a zero-day threat? Patching Segmentation Allow listing Threat intelligence

Allow listing OBJ-4.1: While patching is a great way to combat threats and protect your systems, it is not effective against zero-day threats. By definition, a zero-day threat is a flaw in the software, hardware, or firmware that is unknown to the party or parties responsible for patching or otherwise fixing the flaw. This attack has no time (or days) between the time the vulnerability is discovered and the first attack, and therefore no patch would be available to combat it. Using segmentation, allow listing, and threat intelligence, a cybersecurity analyst, can put additional mitigations in place to protect the network even if a zero-day attack was successful.

Which of the following communication types are used in IPv6 to send a packet to the nearest interface that shares a common address in a routing table? Unicast Broadcast Multicast Anycast

Anycast OBJ-1.4: An IPv6 anycast address is an address that can be assigned to more than one interface (typically different devices). In other words, multiple devices can have the same anycast address. A packet sent to an anycast address is routed to the "nearest" interface having that address, according to the router's routing table. Anycast communications are sent to the nearest receiver in a group of receivers with the same IP. Anycast only works with IPv6. Multicasting is a technique used for one-to-many communication over an IP network. Multicast can be used with both IPv4 and IPv6. Broadcast communication has one sender, but it sends the traffic to every device on the network. Broadcast only works with IPv4. Unicast communication only has one sender and one receiver. Unicast works with IPv4 or IPv6.

Dion Training is afraid that an attacker might try to send other types of network traffic over port 80 to bypass their security policies. Which of the following should they implement to prevent unauthorized traffic from entering through the firewall? Stateful packet inspection HTTPS (SSL/TLS) Application-aware firewall Stateless packet inspection

Application-aware firewall OBJ-2.1: An application-aware firewall can make decisions about what applications are allowed or blocked by a firewall, as opposed to simply using IP addresses and port numbers, by applications by inspecting the data contained within the packets. A stateless packet inspection firewall allows or denies packets into the network based on the source and destination IP address or the traffic type (TCP, UDP, ICMP, etc.). A stateful packet inspection firewall monitors the active sessions and connections on a network. The process of stateful inspection determines which network packets should be allowed through the firewall by utilizing the information it gathered regarding active connections as well as the existing ACL rules. Neither a stateless nor stateful inspection firewall operates at layer 6 or layer 7, so they cannot inspect the contents of the packet to ensure it contains HTTP traffic and not other types of network traffic. HTTPS (SSL/TLS) would allow for an encrypted communication path between the webserver and the client, but this would not prevent an attacker from sending other network protocol data over port 80 and bypassing the firewall rules.

A new piece of malware attempts to exfiltrate user data by hiding the traffic and sending it over a TLS-encrypted outbound traffic over random ports. What technology would be able to detect and block this type of traffic? Stateful packet inspection Stateless packet inspection Application-aware firewall Intrusion detection system

Application-aware firewall OBJ-4.2: A web application firewall (WAF) or application-aware firewall would detect both the accessing of random ports and TLS encryption and identify it as suspicious. An application-aware firewall can make decisions about what applications are allowed or blocked by a firewall, and TLS connections are created and maintained by applications. A stateless packet inspection firewall allows or denies packets into the network based on the source and destination IP address or the traffic type (TCP, UDP, ICMP, etc.). A stateful packet inspection firewall monitors the active sessions and connections on a network. The process of stateful inspection determines which network packets should be allowed through the firewall by utilizing the information it gathered regarding active connections as well as the existing ACL rules. Neither a stateless nor stateful inspection firewall operates at layer 6 or layer 7, so they cannot inspect TLS connections. An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations. An IDS only monitors the traffic on the network, it cannot block traffic.

Tamera just purchased a Wi-Fi-enabled Nest Thermostat for her home. She has hired you to install it, but she is worried about a hacker breaking into the thermostat since it is an IoT device. Which of the following is the BEST thing to do to mitigate Tamera's security concerns? (Select TWO) Disable wireless connectivity to the thermostat to ensure a hacker cannot access it Enable two-factor authentication on the device's website (if supported by the company) Configure the thermostat to connect to the wireless network using WPA2 encryption and a long, strong password Configure the thermostat to use the WEP encryption standard for additional confidentiality Configure the thermostat to use a segregated part of the network by installing it into a screened subnet Upgrade the firmware of the wireless access point to the latest version to improve the security of the network

Configure the thermostat to connect to the wireless network using WPA2 encryption and a long, strong password, Configure the thermostat to use a segregated part of the network by installing it into a screened subnet

Which of the following wireless characteristic does channel bonding improve? Coverage area Encryption strength Signal strength Connection speed

Connection Speed OBJ-2.4: Channel bonding is a practice commonly used in IEEE 802.11 implementations in which two adjacent channels within a given frequency band are combined to increase throughput between two or more wireless devices. Signal strength only refers to the maximum transmitted power by an antenna. Coverage area is the geographic area with adequate signal strength around a single antenna or wireless network. Encryption strength is a measure of the number of bits in the key used to encrypt data in an algorithm.

Which of the following layers within software-defined networking determines how to route a data packet on the network? Application layer Control layer Management plane Infrastructure layer

Control Layer OBJ-1.7: The control layer uses the information from applications to decide how to route a data packet on the network and to make decisions about how traffic should be prioritized, how it should be secured, and where it should be forwarded to. The application layer focuses on the communication resource requests or information about the network. The infrastructure layer contains the physical networking devices that receive information from the control layer about where to move the data and then perform those movements. The management plane is used to monitor traffic conditions, the status of the network, and allows network administrators to oversee the network and gain insight into its operations.

Which of the following layers is NOT used in a three-tiered data center network architecture? Core layer Control layer Distribution/aggregation layer Access/edge layer

Control layer OBJ-1.7: The control layer is used in software-defined networking (SDN), not the three-tiered data center network architecture. The Core Layer is considered the backbone of our network and is used to merge geographically separated networks back into one logical and cohesive unit. In general, you will have at least two routers at the core level, operating in a redundant configuration. The distribution or aggregation layer is located under the core layer and it provides boundary definition by implementing access lists and filters to define the policies for the network at large. The access or edge layer is located beneath the distribution or aggregation layer and is used to connect all the endpoint devices like computers, laptops, servers, printers, wireless access points, and others.

A technician receives a report that a VoIP phone is experiencing a "no network connectivity" error. The technician notices the Cat6a patch cable running from the back of the phone is routed behind the user's rolling chair. The cable appears to have been rolled over numerous times by the user, and it looks flattened from the abuse. Which of the following is the most likely cause of the connectivity issues being experienced on the VoIP phone? Excessive collisions Transmit and receive reversed Improperly crimped cable Cross-talk

Cross-talk OBJ-5.2: Crosstalk is defined as an effect caused by the unintentional and undesired transmission (leakage) of a signal from one cable to another. Due to the abuse of the cable being run over repeatedly by the user's chair, the cable's shielding could have been damaged and the cable may no longer be made up of the same consistency. This can lead to crosstalk amongst the cable pairs, or even opens/shorts of the wires in those cable pairs.

Which of the following technologies is not commonly used by a captive portal to perform user redirection? DHCP redirect HTTP redirect DNS redirect ICMP redirect

DHCP redirect OBJ-4.3: In general, captive portals are implemented by using an HTTP redirect, an ICMP redirect, or a DNS redirect. A captive portal is a web page accessed with a web browser that is displayed to newly connected users of a wireless network before they are granted broader access to network resources. Captive portals are commonly used to present a landing or log-in page which may require authentication, payment, acceptance of an end-user license agreement, acceptable use policy, survey completion, or other information prior to allowing access to the network and its resources.

You have just moved into a new apartment and need to get internet service installed. Your landlord has stated that you cannot drill any holes to install new cables into the apartment. Luckily, your apartment already has cable TV installed. Which of the following technologies should you utilize to get your internet installed in your apartment? DSL modem Satellite modem Wireless router DOCSIS modem

DOCSIS modem OBJ-1.2: DOCSIS (Data Over Cable Service Interface Specification) is an international telecommunications standard that permits the addition of high-bandwidth data transfer to an existing cable television system. Many cable television operators employ it to provide Internet access over their existing hybrid fiber-coaxial (HFC) infrastructure. Most people today call these cable modems, but technically, they are DOCSIS modems.

Which communication technology would MOST likely be used to increase bandwidth over an existing fiber-optic network by combining multiple signals at different wavelengths? DWDM LACP FCoE ADSL

DWDM OBJ-1.2: Dense wavelength-division multiplexing (DWDM) is a high-speed optical network type commonly used in MANs (metropolitan area networks). DWDM uses as many as 32 light wavelengths on a single fiber, where each wavelength can support as many as 160 simultaneous connections. Asymmetric digital subscriber line (ADSL) is a type of digital subscriber line technology, a data communications technology that enables faster data transmission over copper telephone lines than a conventional voiceband modem can provide. The link aggregation control protocol (LACP) is used to combine multiple network connections in parallel by any of several methods, in order to increase throughput beyond what a single connection could sustain, to provide redundancy in case one of the links should fail, or both. LACP would require bundling multiple fiber optic cables together to increase bandwidth, therefore it wouldn't use your existing fiber-optic network to increase the bandwidth as it would need additional cables. Fibre Channel over Ethernet (FCoE) is a method of supporting converged Fibre Channel (FC) and Ethernet traffic on a data center bridging (DCB) network. FCoE encapsulates unmodified FC frames in Ethernet to transport the FC frames over a physical Ethernet network.

Which of the following cloud services should an organization choose in order to deliver virtual desktops to end-users over the Internet on a per-user license basis? SaaS IaaS DaaS PaaS

DaaS OBJ-1.8: Desktop as a Service (DaaS) is a cloud computing offering where a service provider delivers virtual desktops to end-users over the Internet, licensed with a per-user subscription. DaaS is often combined with Virtual Desktop Infrastructure. Platform as a Service (PaaS) is a complete development and deployment environment in the cloud, with resources that enable you to deliver everything from simple cloud-based apps to sophisticated, cloud-enabled enterprise applications. Infrastructure as a Service (IaaS) is a type of cloud computing service that offers essential compute, storage, and networking resources on-demand, on a pay-as-you-go basis. Software as a Service (SaaS) allows users to connect to and use cloud-based apps over the Internet. Common examples are email, calendaring, and office tools (such as Microsoft Office 365). SaaS provides a complete software solution that you purchase on a pay-as-you-go basis from a cloud service provider.

You are investigating a network connectivity issue that is affecting two of your network clients. When you check the switchports of these clients, you observe that the switchports' physical interfaces are continually going up and down. Which of the following is the most likely reason for the flapping of the switchports you are observing? Collisions Multicast flooding Asymmetrical routing Duplicate MAC address

Duplicate MAC address OBJ-5.5: A duplicate MAC address occurs when two or more devices are responding to data requests as if they are the only device on the network with that physical address. One indication of this occurring is when a switch continually changes the port assignments for that address as it updates its content-addressable memory (CAM) table to reflect the physical address and switchport bindings. This will cause the switchports to continually flap by going up and down as the assignments are updated within the CAM table. Multicast flooding occurs because no specific host is associated with the multicast MAC address in the content-addressable memory (CAM) table of a switch. Asymmetric routing is when network packets leave via one path and return via a different path (unlike symmetric routing, in which packets come and go using the same path). A collision is the result of two devices on the same Ethernet network attempting to transmit data at the exact same time. Collisions are a common occurrence in half-duplex networks but should not occur in a full-duplex switched environment.

A technician added memory to a router, but the router refuses to recognize the new memory module. The router is then powered down, and the technician relocates all of the memory to different modules. On startup, the router does not boot and displays memory errors. Which of the following is the MOST likely cause of this issue? VTP Driver update CMOS ESD

ESD OBJ-5.5: The most likely cause is that the memory chips are faulty because they have suffered from electrostatic discharge (ESD) during the chips' installation and movement. This question references a concept covered in-depth in your A+ curriculum but is considered fair game on the Network+ exam. It is also covered under the objectives for hardware failure on the Network+ exam and the objective for safety procedures.

An organization wants to choose an authentication protocol that can be used over an insecure network without implementing additional encryption services. Which of the following protocols should they choose? PAP RADIUS Kerberos TACACS+

Kerberos OBJ-4.1: The Kerberos protocol is designed to send data over insecure networks while using strong encryption to protect the information. RADIUS, TACACS+, and PAP are all protocols that contain known vulnerabilities that would require additional encryption to secure them during the authentication process.

Which of the following components is used by an agent to send a single key-pair value about a significant event or condition that is occurring in real-time to a manager? Granular trap OID MIB Verbose trap

Granular trap OBJ-3.1: The Simple Network Management Protocol (SNMP) uses ports 161 and 162, and it is a networking protocol used for the management and monitoring of network-connected devices in Internet Protocol networks. A trap is an asynchronous notification from the agent to fthe manager. A trap is sent by the agent to notify the management of a significant event that is occurring in real-time, such as an alarming condition. A granular trap contains a unique object identifier (OID) number and a value for that OID. A verbose trap may contain all the information about a given alert or event as its payload. A verbose trap contains more information and data than a granular trap, and therefore requires more bandwidth to send the verbose trap over the network. A unique objective identifier (OID) identifies a variable that can be read or set using the SNMP protocol. The management information base (MIB) is a translation file that is used to describe the structure of the management data of a device subsystem using a hierarchical namespace containing object identifiers (OID).

Dion Training is concerned about an attacker gaining access to their network and gaining access to their confidential financial data. What could be implemented to attempt to redirect an attacker to a different server that doesn't contain any real financial data? Honeypot Content filter DMZ Botnet

Honeypot OBJ-4.1: A honeypot is a computer security mechanism set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems. Generally, a honeypot consists of data that appears to be a legitimate part of the site but is actually isolated and monitored and seems to contain information or a resource of value to attackers, who are then tricked into spending their time attacking the honeypot instead of your real servers. A DMZ or demilitarized zone is a physical or logical subnetwork that contains and exposes an organization's external-facing services to an untrusted, usually larger, network such as the Internet. A content filter is a device that screens and/or excludes access to web pages or emails that have been deemed objectionable. A botnet is a collection of internet-connected devices infected by malware that allow hackers to control them.

Dion Worldwide has created a network architecture that relies on two main data centers, one in the United States and one in Japan. Each satellite office in the United States and Canada will connect back to the American data center, while each satellite office in Asia will connect back to the Japanese data center. Both the American and Japanese data centers are interconnected, as well. Therefore, if a client in the Philippines wants to send a file to the office in Miami, it will go first to the Japanese datacenter, then route across to the American datacenter, and then to the Miami satellite office. Which of the following network topologies best describes the Dion Worldwide network? Hub and spoke Ring Star Bus

Hub and spoke OBJ-1.2: A hub and spoke topology is a network topology where a central device (the hub) is connected to multiple other devices (the spokes). A bus topology is a network topology in which nodes are directly connected to a common network media, such as a coaxial cable, known as the bus. A star topology is a network topology where each individual piece of a network is attached to a central node, such as a switch. A ring topology is a network topology in which each node connects to exactly two other nodes, forming a single continuous pathway for signals through each node to form a circular ring.

A network technician just finished configuring a new interface on a router, but the client workstations do not receive the addressing information from the new interface. Which of the following should be added or changed to allow the workstations to connect to the new interface? IP helper TTL DHCP lease time MX record

IP helper OBJ-1.6: DHCP IP Helper addresses enable a single DHCP server to provide DHCP IP addresses to every PC on the network, regardless of whether they are on the same broadcast domain as the DHCP server or not. DHCP IP Helper addresses are IP addresses configured on a routed interface such as a VLAN Interface or a routers Ethernet interface that allows that specific device to act as a "middle man" which forwards BOOTP (Broadcast) DHCP request it receives on an interface to the DHCP server specified by the IP Helper address via unicast. Adding an IP Helper address to the new interface on the router will allow the DHCP broadcast requests to be forwarded to the workstations. Time to live (TTL) or hop limit is a mechanism which limits the lifespan or lifetime of data in a computer or network. An MX record in DNS is used for outgoing (SMTP) and incoming (POP3/IMAP) traffic. The DHCP lease time is the amount of time a dynamic IP can be used by a client prior to requiring it to be renewed.

Students at Dion Training are working on a networking lab that requires a single switch to be remotely accessed by many students simultaneously. The instructor verifies that the switch can be accessed using the console, but the switch is only letting one student log in to the device at a time. Which of the following configurations should the instructor implement to fix this issue? Increase the number of virtual terminals available Increase the number of VLANs configured on the switch Clear the ARP cache and flush the DNS cache on the switch Increase installed memory and install a larger flash module

Increase the number of virtual terminals available OBJ-5.5: You can set a limit of how many virtual terminals can simultaneously remotely connect to a switch. The issue in this scenario is that the switch is configured to a maximum of one virtual terminal, so only one student can access the switch at a time. When a student connects to a switch or router using ssh or telnet, it requires a virtual terminal connection. The default virtual terminal limit is 32 on Cisco devices, but you can configure it to allow between 1 and 64 simultaneous connections. To connect to a virtual terminal, you would utilize a terminal emulator. A packet capture tool is used to collect data packets being transmitted on a network and save them to a packet capture file (pcap) for later analysis.

Dion Training has begun to notice slow response times from their internal network file server to workstations on their local area network. After adding several new employees and workstations, the network administrator determined that the server is experiencing requests for up to 2 Gbps of simultaneous data transfer which has resulted in congestion at the server's NIC. Which of the following actions should the network administrator implement to remove this performance bottleneck? Enable CSMA/CD on the local area network Add an ACL to the firewall that reduces traffic to the server Update the NIC drivers to support 802.3af for the server Install a NIC, implement NIC teaming, and configure 802.3ad

Install a NIC, implement NIC teaming, and configure 802.3ad OBJ-5.5: Since the bottleneck has been identified as the server's NIC card, a second network interface card (NIC) should be installed, NIC teaming should be implemented, and 802.3ad (LACP) should be configured on the switch. NIC teaming allows a server to load balance any data sent or received across two network interface cards, effectively doubling the server's network throughput. The switch should be configured to support LACP, the link aggregation control protocol, to support the NIC teaming on the server. Link Aggregation Control Protocol or LACP is one element of an IEEE specification (802.3ad) that provides guidance on the practice of link aggregation for data connections. The 802.3af standard is used to support power over ethernet (POE), which will not increase the bandwidth or throughput to the server. An ACL is used to block traffic, which would reduce traffic to the server, but it would also block legitimate users. Carrier-sense multiple access with collision detection (CSMA/CD) is a media access control method used most notably in early Ethernet technology for local area networking. It should not be disabled on an ethernet-based network since it is required for proper network operations.

Which of the following describes a design where traffic is shared between multiple network servers to provide greater throughput and reliability? MPLS trunking VLAN tagging Multiplexing Load balancing

Load balancing OBJ-3.3: Load balancing is a technique used to spread work across multiple computers, network links, or other devices. Multiprotocol Label Switching is a routing technique in telecommunications networks that directs data from one node to the next based on short path labels rather than long network addresses, thus avoiding complex lookups in a routing table and speeding traffic flows. VLAN tagging is used to keep traffic from different networks separate when traversing shared links and devices within a network topology. Multiplexing is the technology that is able to combine multiple communication signals together in order for them to traverse an otherwise single signal communication medium simultaneously.

You have been asked to troubleshoot Dion Training's T1 connection that is experiencing connectivity issues. You have already verified that the network's router is properly configured, the cable is connected properly between the router and the T1's CSU/DSU, but the T1 remains down. You want to test the interface on the CSU/DSU to ensure it is functioning properly. Which of the following tools should you use to test this interface? Light meter Tone generator Cable tester Loopback adapter

Loopback adapter OBJ-5.2: A T1 connection is a copper-based connection. A loopback adapter is a plug that is used to test the physical port or interface on a network device. You will need to insert the loopback adapter into the interface on the CSU/DSU and conduct a self-test of the device by looping back the transmit path to the receive path and the receive path to the transmit path. A loopback adapter can also be used to test the T1 line by allowing the ISP to conduct a remote diagnosis of the connection between their central office and your demarcation point to ensure it is working properly. A fiber light meter, also known as an optical power meter, is used to measure the power in an optical signal over a fiber optic cable. A cable tester is used to verify the electrical connections in a twisted pair or coaxial cable. A cable tester is used to test a cable, not the interface itself. A tone generator is used with a toner probe to accurately identify the location of a cable pair or conductor within a wiring bundle, cross-connection point, or at the remote end. A tone generator is not used to test an interface.

A technician installs a new piece of hardware and now needs to add the device to the network management tool database. However, when adding the device to the tool using SNMP credentials, the tool cannot successfully interpret the results. Which of the following needs to be added to allow the network management tool to interpret the new device and control it using SNMP? MIB WALK TRAP GET

MIB OBJ-3.1: Management Information Base (MIB) is used for managing all entities on a network using Simple Network Management Protocol. It would allow the tool to interpret the information received correctly.

Which of the following components is used to describe the structure of a device subsystem using a hierarchical namespace containing all of the variables that may be set or read using SNMP? Granular trap MIB Verbose trap OID

MIB OBJ-3.1: The Simple Network Management Protocol (SNMP) uses ports 161 and 162, and it is a networking protocol used for the management and monitoring of network-connected devices in Internet Protocol networks. The management information base (MIB) is a translation file that is used to describe the structure of the management data of a device subsystem using a hierarchical namespace containing object identifiers (OID). A unique objective identifier (OID) identifies a variable that can be read or set using the SNMP protocol. A trap is an asynchronous notification from the agent to the manager. A trap is sent by the agent to notify the management of a significant event that is occurring in real-time, such as an alarming condition. A granular trap contains a unique object identifier (OID) number and a value for that OID. A verbose trap may contain all the information about a given alert or event as its payload. A verbose trap contains more information and data than a granular trap, and therefore requires more bandwidth to send the verbose trap over the network.

Which type of wireless technology are OFDM, QAM, and QPSK examples of? Spectrum Frequency RF interference Modulation

Modulation OBJ-2.4: Modulation is the process of varying one or more properties of a periodic waveform, called the carrier signal, with a separate signal called the modulation signal that typically contains information to be transmitted. WiFi can use different digital modulation schemes for data transmission. Common types of modulation include Orthogonal frequency-division multiplexing (OFDM), Quadrature Amplitude Modulation (QAM), and Quadrature Phase-shift keying (PSK).

Thomas has a server that streams media to the local network, and the device is currently visible on the network. All of the workstations on the LAN can ping the device, and all the firewalls are currently turned off. The goal is for the streaming media server to allow different workstations to watch the stream if they choose to subscribe to it. The streaming device appears to be functioning properly, but the media won't stream when requested. Which of the following TCP/IP technologies is MOST likely not implemented properly? Multicast Unicast Anycast Broadcast

Multicast OBJ-1.4: Multicast is a TCP/IP technology that sends out the packets to the requested devices when streaming to multiple workstations from a single streaming media server. As opposed to broadcast (one-to-all), which sends out packets to all devices, multicast (one-to-many-of-many/many-to-many-of-many) only sends packets to the clients that specifically requested to be a part of the distribution and not just every client on the network. Multicast requires the proper implementation and configuration to route the traffic to the right devices on the LAN so that streaming can properly function. Multicast works with IPv4 or IPv6. Unicast communication only has one sender and one receiver. Unicast works with IPv4 or IPv6. Broadcast communication has one sender, but it sends the traffic to every device on the network. Broadcast only works with IPv4. Anycast communications are sent to the nearest receiver in a group of receivers with the same IP. Anycast only works with IPv6.

You are troubleshooting a cable modem for a home user's network. The connection speeds are much lower than you expected. You suspect the coaxial cable between the wall jack and the cable modem is faulty. Based on your research, a coaxial cable used in data networks should have an impedance of 50 ohms. Which of the following tools should you use to measure the resistance of the coaxial cable? Multimeter Cable tester Spectrum analyzer Cable certifier

Multimeter OBJ-5.2: A multimeter is a measuring instrument that can measure the voltage, resistance, and amperage of a cable or conduit. To test this cable, you should set the multimeter to resistance and connect one of the multimeter's leads to each end of the coaxial cable to determine the resistance as measured in ohms.

Which mitigation provides the best return on investment by mitigating the most vulnerable attack vector in an enterprise network? Enable biometrics and SSO for authentication Remove unneeded services running on the servers Provide end-user awareness training for office staff Update all antivirus definitions on workstations and servers

Provide end-user awareness training for office staff OBJ-4.5: An enterprise network's end users are the most vulnerable attack vector. Studies have shown that an investment in end-user cybersecurity awareness training has the best return on investment of any risk mitigation strategy. While all of the options presented are valid security mitigations, only end-user awareness training mitigates the biggest network vulnerability we have: our users.

You received an incident response report indicating a piece of malware was introduced into the company's network through a remote workstation connected to the company's servers over a VPN connection. Which of the following controls should be applied to prevent this type of incident from occurring again? MAC filtering SPF (Incorrect) ACL NAC (Correct)

NAC OBJ-4.1: Network Access Control (NAC) is an approach to computer security that attempts to unify endpoint security technology (such as anti-virus, host intrusion prevention, and vulnerability assessment), user or system authentication, and network security enforcement. When a remote workstation connects to the network, NAC will place it into a segmented portion of the network (sandbox), scan it for malware and validate its security controls, and then based on the results of those scans, either connect it to the company's networks or place the workstation into a separate quarantined portion of the network for further remediation. An access control list (ACL) is a network traffic filter that can control incoming or outgoing traffic. An ACL alone would not have prevented this issue. MAC Filtering refers to a security access control method whereby the MAC address assigned to each network card is used to determine access to the network. MAC filtering operates at layer 2 and is easy to bypass. Sender Policy Framework (SPF) is an email authentication method designed to detect forging sender addresses during email delivery.

Your company's security policy states that its workstations must hide their internal IP addresses whenever they make a network request across the WAN. You have been asked to recommend a technology that would BEST implement this policy. Which of the following is the BEST solution for you to recommend? DMZ OSPF NAT VPN

NAT OBJ-1.4: Network address translation (NAT) is a method of remapping one IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device. Using NAT, you can have the internal IP address of each workstation mapped to a public IP address or port when it crosses the router to access the WAN. A DMZ or demilitarized zone is a physical or logical subnetwork that contains and exposes an organization's external-facing services to an untrusted, usually larger, network such as the Internet. A virtual private network extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Open Shortest Path First (OSPF) is a link-state routing protocol that was developed for IP networks and is based on the Shortest Path First (SPF) algorithm. OSPF is an Interior Gateway Protocol (IGP).

What is BEST used to perform a one-time temporary posture assessment in a NAC environment? Antivirus Intrusion prevention system Non-persistent agent Host-based firewall

Non-persistent agent OBJ-4.1: A non-persistent agent is used to access the device during a one-time check-in at login. A persistent agent is agent software that resides on the client making the connection, and a non-persistent agent is software the client runs (usually from a browser) as they are connecting so the agent can perform the checks, but the software does not permanently stay with the client after they disconnect. This is beneficial in BYOD (Bring Your Own Device) policies.

Your company has been asked by a local charity that supports underprivileged youth if they would help to build an internet café for their students. Because the charity doesn't have any funding for this project, your company has decided to donate their old workstations and networking equipment to create the network. All of the workstations, routers, and switches have been tested before installation. The company has decided to reuse some old network cables to connect the computers to the switches to save money. When you arrive at the new internet cafe, you are told that everything is working except unlucky computer #13 can't connect to the network. You attempt to plug the network cable into another computer, but then that computer cannot connect to the network. Confused, you try connecting the cable directly between two computers, and now they can communicate directly with each other. What is wrong with this cable? The cable is a rollover cable but should be a crossover cable The cable is a straight-through cable but should be a crossover cable The cable is a crossover cable but should be a straight-through cable The cable is a console cable but should be a straight-through cable

OBJ-5.2: Since the cable only worked when connecting two computers directly together, it is a crossover cable. Crossover cables are used to connect two of the same devices (computer to computer, or router to router) by switching the transmit and receiving pins in the cable's jack. Since you are trying to connect a computer to a switch, you need to have a straight-through cable instead. A rollover or console cable is used to connect a computer to a router's console port, not a computer to a switch.

A user's smartphone is displaying text in other languages in their web browser when accessing the company's main website. Which of the following is the MOST likely cause of the issue? Deauthentication attack Denial-of-service attack On-path attack Reflective DNS attacks

On-path attack OBJ-4.2: An on-path attack (previously known as a man-in-the-middle attack) is a general term when a perpetrator positions himself in a conversation between a user and an application, either to eavesdrop or impersonate one of the parties, making it appear as if a normal exchange of information is occurring. For example, if your user and server are both in the United States (English language), but the attacker is performing the on-path attack from Russia, then the server will utilize the Russian language in the text since it sees the connection coming from a Russian IP address. A denial-of-service attack is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. A reflective DNS attack is a two-step attack used in DDoS attacks. The attacker sends a large number of requests to one or more legitimate DNS servers while using a spoofed source IP of the targeted victim. The DNS server then replies to the spoofed IP and unknowingly floods the targeted victim with responses to DNS requests that it never sent. A Wi-Fi deauthentication attack is a type of denial-of-service attack that targets communication between a user and a Wi-Fi wireless access point by sending a deauthentication frame to the victim's machine.

A network technician receives the following alert from a network device: "High utilization threshold exceeded on gi1/0/24: current value 88%" What is being monitored to trigger the alarm? Disk space utilization Memory utilization Processor utilization Port utilization

Port utlization OBJ-5.5: This is an error message that indicates that the threshold of high utilization of network interface or port, in this case, interface gi1/0/24, has been exceeded. The message has been triggered on the interface link status since gi1/0 is a gigabit interface. Network devices can be configured with alarms that will send a message or alert when high utilization or low utilization past a given setpoint occurs. For example, it is common to set the high utilization setpoint to 70% and the low utilization setpoint to 30%.

Your company has just installed a new web server that will allow inbound connections over port 80 from the internet while not accepting any connections from the internal network. You have been asked where to place the web server in the network architecture and configure the ACL rule to support the requirements. The current network architecture is segmented using a triple-homed firewall to create the following three zones: ZONE INTERFACE, IP address --------------------------------------- PUBLIC, eth0, 66.13.24.16/30 DMZ, eth1, 172.16.1.1/24 PRIVATE, eth2, 192.168.1.1/24 Based on the requirements and current network architecture above, where should you install the webserver and how should you configure it? Put the server in the DMZ with an inbound rule from eth1 to eth0 that allows port 80 traffic to the server's IP Put the server in the PRIVATE zone with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server's IP Put the server in the DMZ with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server's IP Put the server in the PUBLIC zone with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server's IP

Put the server in the DMZ with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server's IP

Users connecting to an SSID appear to be unable to authenticate to the captive portal. Which of the following is the MOST likely cause of the issue? WPA2 security key CSMA/CA SSL certificates RADIUS

RADIUS OBJ-5.4: Captive portals usually rely on 802.1x, and 802.1x uses RADIUS for authentication. The IEEE 802.1x standard is a network authentication protocol that opens ports for network access when an organization authenticates a user's identity and authorizes them for access to the network. This defines port security. The user's identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server. The Remote Authentication Dial-in User Service (RADIUS) is used to manage remote and wireless authentication infrastructure. Users supply authentication information to RADIUS client devices, such as wireless access points. The client device then passes the authentication data to an AAA (Authentication, Authorization, and Accounting) server that processes the request. Secure Sockets Layer (SSL) is a security protocol developed by Netscape to provide privacy and authentication over the Internet. SSL is application-independent that works at layer 5 [Session] and can be used with a variety of protocols, such as HTTP or FTP. Client and server set up a secure connection through PKI (X.509) certificates. Carrier-sense multiple access with collision avoidance (CSMA/CA) is a type of network multiple access method that uses carrier sensing, but nodes attempt to avoid collisions by beginning transmission only after the channel is sensed to be idle. CSMA/CA occurs in the background when communicating with a wireless access point and would not prevent the user from authenticating to the captive portal. A WPA2 security key is a preshared password used to authenticate and connect to a wireless access point. If the user connected to the SSID, then the WPA2 security key was valid.

A company is installing several APs for a new wireless system that requires users to authenticate to the domain. The network technician would like to authenticate to a central point. What solution would be BEST to achieve this? LACP Proxy server RADIUS Network controller

RADIUS OBJ-4.1: A Remote Authentication Dial-in User Service (RADIUS) server provides AAA management for users connecting to a wired or wireless network, which includes the ability to authenticate users. Link Aggregation Control Protocol (LACP) is an open standard of Ethernet link aggregation. A proxy server is a server application that acts as an intermediary between a client requesting a resource and the server providing that resource. A network controller is software that orchestrates network functions by acting as an intermediary between the business and the network infrastructure.

You are working as a wireless networking technician and running a wireless controller to aid in network administration. Your supervisor has requested that you implement a centralized authentication service. Which of the following devices should you install and configure if you want to decrease the amount of time spent administering the network while still providing a centralized authentication service for your users? VPN concentrator RADIUS server Proxy server Layer 3 switch

RADIUS server OBJ-4.1: A Remote Authentication Dial-In User Service (RADIUS) server will enable the wireless clients to communicate with a central server to authenticate users and authorize their access to the requested service or system. None of the other options presented are designed to support centralized authentication services by themselves, but instead, use a protocol like RADIUS to perform those functions.

A network technician needs to install a server to authenticate remote users before accessing corporate network resources when working from home. Which kind of server should the network technician implement? RAS PPP DNSSEC VLAN

RAS OBJ-4.4: A remote access server (RAS) or remote desktop gateway is a type of server that provides a suite of services to connect users to a network or the Internet remotely. The Domain Name System Security Extensions (DNSSEC) is a suite of extension specifications by the Internet Engineering Task Force for securing data exchanged in the Domain Name System in Internet Protocol networks. Point-to-Point Protocol (PPP) is a TCP/IP protocol that is used to connect one computer system to another. Computers use PPP to communicate over the telephone network or the Internet. A virtual LAN (VLAN) is any broadcast domain that is partitioned and isolated in a computer network at the data link layer (OSI layer 2).

A network engineer has been tasked with designing a network for a new branch office with approximately 50 network devices. This branch office will connect to the other offices via a MAN and using a router as their gateway device. Many of the other branch offices use off-the-shelf SOHO equipment. It is a requirement that the routing protocol chosen use the least amount of overhead. Additionally, all the computers on the network will be part of a single VLAN. The connection between these computers should produce the highest throughput possible in the most cost-effective manner. Which routing protocol should be used with the gateway router and what device should you select to connect the computers within the branch office? BGP as the routing protocol; connect the computers with a 1 Gb Fibre Channel RIPv2 as the routing protocol; connect the computers with a Gigabit Layer 2 switch OSPF as the routing protocol; connect the computers with a Gigabit Layer 3 switch EIGRP as the routing protocol; connect the computers with a 802.11n MIMO access point

RIPv2 as the routing protocol; connect the computers with a Gigabit Layer 2 switch BJ-2.2: RIPv2 is a classless, distance vector routing protocol that will include the subnet mask with the network addresses in its routing updates. RIPv2 has the least overhead of the four routing protocol options presented in this question. If you were not sure about this, you could look at answer the second half of the question concerning the interconnection of the computers within the branch office instead and try to eliminate some of the wrong options. Due to the requirement of using the highest throughput, you can eliminate the 802.11n MIMO access point as it will have a maximum throughput of 600 Mbps and the other options are all 1000 Mbps/1Gbps. You can also eliminate the Fibre Channel switch, since Fibre Channel is a high-speed data transfer protocol that provides in-order, lossless delivery of raw block data used to connect computers and servers to storage devices in a storage area network (SAN). At this point, you would have to choose between the layer 2 or layer 3 gigabit switch which are fairly equivalent for the purposes of this question but at least you have increased your odds of guessing the right answer from 25% to 50% by eliminating two wrong answer choices.

A company is setting up a brand new server room and would like to keep the cabling infrastructure out of sight but still accessible to the network administrators. Infrastructure cost is not an issue. Which of the following should be installed to meet the requirements? Patch panels Cable trays Conduit Raised floor

Raised floor OBJ-1.3: Raised floors allow the cabling to be placed under the floor, but still accessible to the network administrators. A conduit is a tube through which power or data cables pass. Conduits are usually metal or plastic pipes, and it makes accessing the cables difficult when maintenance is going to be performed. Cable trays are a mechanical support system that can support electrical cables used for power distribution, control, and communication. Cable trays can be installed on the ceiling or under the floor if you are using a raised floor system. If cable trays are installed in the ceiling, they can be difficult to reach and work on. Patch panels are useful in a cable distribution plant, but they will not allow the cables to be distributed throughout the entire work area. A patch panel is a piece of hardware with multiple ports that helps organize a group of cables. Each of these ports contains a wire that goes to a different location. Patch panels and cable trays may be used to form the backbone of your cable distribution plant, but to meet the requirements of the question you should use raised floors in conjunction with these.

A network administrator is assigned an approved change request with a change window of 120 minutes. After 90 minutes, the change is stuck on step five of a five-step change. The network manager decides to initiate a rollback. Which describes what the network administrator should do next? Return the system back to the original state before the change Leave the change as is and inform users of a workaround Request additional time since the change is near completion Return the system to step four since this was the last working step

Return the system back to the original state before the change OBJ-3.2: By performing a rollback, the administrator will change everything back to the last known good configuration before the change is started. This would involve resetting everything back to how it was before the configuration and installation of the changes were begun in this maintenance window.

Which of the following network devices is used to separate broadcast domains? Hub Switch Bridge Router

Router OBJ-2.1: A router is networking hardware that connects computer networks and forwards data packets between those networks. A router operates at the network layer (Layer 3) of the OSI model and makes routing decisions based upon IP addresses. Each switchport on a router is a separate collision domain and a separate broadcast domain.

Which of the following network protocols is used to send email from one server to another server? SNMP POP3 RDP SMTP

SMTP OBJ-1.5: Simple Mail Transfer Protocol (SMTP) is a well-known application that uses port 25 for sending email from one server to another server. Remote Desktop Protocol (RDP) is an application that uses port 3389 to allow a user to connect to another computer over a network connection graphically. Simple Network Management Protocol (SNMP) is an application that uses port 161 for the management and monitoring of network-connected devices in Internet Protocol networks. Post Office Protocol v3 (POP3) is an application that uses port 110 to receive and hold email until a client is ready to receive it. The key to answering this question is understanding the acronyms and their meaning.

Dion Training wants to create a DNS record to specify a host and port to use for a new instant messaging service. Which type of DNS record should be created? SRV SOA PTR TXT

SRV OBJ-1.6: A DNS service (SRV) record specifies a host and port for specific services such as voice over IP (VoIP), instant messaging, and others. PTR records are used for the Reverse DNS (Domain Name System) lookup. Using the IP address, you can get the associated domain/hostname. An A record should exist for every PTR record. A Start of Authority (SOA) resource record indicates which Domain Name Server (DNS) is the best source of information for the specified domain. The DNS text (TXT) record lets a domain administrator enter text into the Domain Name Systems. The TXT record was originally intended as a place for human-readable notes. However, now it is also possible to put some machine-readable data into TXT records.

Sahra connects a pair of switches using redundant links. When she checks the link status of the two ports, one of them is not active. She changes the inactive link to another switchport, but the second link still remains inactive. What MOST likely is causing the second link to become disabled? IGRP routing SSID mismatch Port mirroring Spanning tree

Spanning tree OBJ-2.3: The Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks. The basic function of STP is to prevent bridge loops and the broadcast radiation that results from them. If STP detects a switching loop being created by the redundant connection, it will disable the switchport automatically. The Interior Gateway Routing Protocol (IGRP) is a distance-vector interior gateway protocol developed by Cisco to exchange routing data within an autonomous system. IGRP is used with layer 3 devices (routers) and not layer 2 devices (switches). A service set identifier (SSID) is a group of wireless network devices that share the same natural language label that users see as a network name. An SSID is not used with wired networks. Port mirroring is used on a network switch to send a copy of network packets seen on one switch port to a network monitoring connection on another switch port. Port mirroring is used for security applications, not redundancy.

A technician installs a new WAP, and users in the area begin to report poor performance. The technician uses ping, and only 3 of the 5 packets respond. When the technician tests the connection from a wired connection, it responds with 5 of 5 packets. What tool should the network technician use next? Packet capture tool Spectrum analyzer tool Port scanner tool Interface monitoring tool

Spectrum Analyzer OBJ-5.3: A spectrum analyzer is a device that displays signal amplitude (strength) as it varies by signal frequency. Since the issue only occurs when connecting wirelessly, it is almost like a spectrum interference issue. Alternatively, you could attempt to conduct a wireless site survey using a WiFi analyzer, but that option wasn't presented in this question. A packet capture tool is used to log and collect packets as they cross the wired or wireless network. An interface monitoring tool would collect data related to performance, bandwidth (utilization), errors and discard rate for a singular interface or switchport. A Port scanner is used to test if a particular port or port range is open, closed, or filtered. Since this appears to be a wireless connectivity issue, only a spectrum analyzer could help identify the connectivity issues. This issue is most likely associated with interference around the channels being used by this wireless access device.

Which of the following encryption types was used by WPA to better secure wireless networks than WEP? IV CCMP TKIP AES

TKIP OBJ-2.4: Wi-Fi protected access (WPA) is an improved encryption scheme for protecting Wi-Fi communications designed to replace WEP. WPA uses the RC4 cipher and a temporal key integrity protocol (TKIP) to overcome the vulnerabilities in the older WEP protection scheme. Wired equivalent privacy (WEP) is an older mechanism for encrypting data sent over a wireless connection. WEP is considered vulnerable to attacks that can break its encryption. WEP relies on the use of a 24-bit initialization vector to secure its preshared key. Wi-Fi protected access version 2 (WPA2) replaced the original version of WPA after the completion of the 802.11i security standard. WPA2 features an improved method of key distribution and authentication for enterprise networks, though the pre-shared key method is still available for home and small office networks. WPA2 uses the improved AES cipher with counter mode with cipher-block chaining message authentication protocol (CCMP) for encryption.

You are connecting a new IPv6 device to your network, but your routers only support IPv4 protocols. Which of the following IP addressing solutions would solve this challenge? APIPA Classless Private Teredo tunneling

Teredo tunneling OBJ-1.4: Teredo is a transition technology that gives full IPv6 connectivity for IPv6-capable hosts that are on the IPv4 Internet but have no native connection to an IPv6 network. A private IP address is an IP address reserved for internal use behind a router or other Network Address Translation (NAT) devices, apart from the public. Private IP addresses provide an entirely separate set of addresses that still allow access to a network without taking up a public IP address space. Automatic Private IP Addressing (APIPA) is a feature in operating systems (such as Windows) that enables computers to automatically self-configure an IP address and subnet mask when their DHCP server isn't reachable. Classless IP addressing solutions allow for the use of subnets that are smaller than the classful subnets associated with Class A, Class B, or Class C networks.

You have been contracted by Dion Training to conduct a penetration test against its learning management system (LMS). The LMS is a web application that is hosted in the organization's DMZ. Which of the following appliance allow lists should the organization add your source IP in before the engagement begins? DLP WAF HIDS NIDS

WAF OBJ-2.1: The learning management system (LMS) is a web application, therefore the source IP of the attacking workstation needs to be added to the web application firewall's allow list to prevent it from being blocked. Adding a source IP address to the allow list will exclude it from ACL rules and other signatures. This prevents an active device, like a web application firewall (WAF), layer 4 firewall, or an intrusion protection system (IPS) from blocking the penetration tester during the assessment. By having your IP added to the allow list, you can focus your time and efforts on finding vulnerabilities with the servers themselves instead of trying to break through a compensating control like a WAF or IPS.

A customer is trying to configure an 802.11b wireless card in an old laptop to connect to an 802.11g wireless router. When the customer scans for the wireless network's SSID (Dion-Corp), it is not displayed within Windows. What is the MOST likely reason that the SSID is not being displayed? The wireless router is not configured for DHCP support The broadcast is disabled on the wireless router 802.11g and 802.11b use different frequencies The wireless router is configured with WPA2 encryption

The broadcast is disabled on the wirless router OBJ-5.4: If the SSID (Secure Set Identifier) is disabled, then the wireless network name will not be broadcast to any available devices within range. Both Wireless B and G use the same frequency band (2.4 GHz) and would not cause this issue. Similarly, encryption that is enabled or disabled would not affect the SSID broadcast since the SSID is sent out in cleartext. DHCP support is used once a device connects to the network. Therefore it would not affect the SSID broadcast.

A home user ran a bandwidth speed test from their laptop and receive the following results: Ping: 53ms Download speed: 33.3 Mbps Upload speed: 10.2 Mbps Which of the following is the best interpretation of these results? The laptop took 53 ms to complete the bandwidth speed test The laptop received data at 33.3 Mbps and sent data at 10.2 Mbps The website downloaded data at 33.3 Mbps and uploaded data at 10.2 Mbps The laptop downloaded 33.3 MB of data and uploaded 10.2 MB of data

The laptop received data at 33.3 Mbps and sent data at 10.2 MB OBJ-5.3: This connection appears to be an asymmetric connection, like a cable modem or aDSL, since the download and upload speeds do not match. According to the bandwidth speed test results, the laptop received data at 33.3 Mbps when receiving the test file and uploaded the test file back to the server at a speed of 10.2 Mbps. The laptop had a latency of 53ms during the test, which is indicated by the ping test conducted as part of the bandwidth speed test. During a bandwidth speed test, the laptop will first conduct a ping test to the server to measure the latency of the connection. Next, the laptop will download a sample file from the server and then upload that same file back to the server. During the download and upload, the server measures the time it took to accurately calculate the throughput of the connection between the laptop and the server.

You have installed and configured a new wireless router. The clients and hosts can ping each other. The network uses a fiber optic WAN connection with 1 Gbps throughput. The wired clients have fast connections, but the wireless clients are displaying high latency when a ping is performed. The wireless clients are also only receiving 300 Mbps when downloading files from the Internet. Which of the following is MOST likely the cause of the slow speeds experienced by the wireless clients? A fiber connection does not support wireless The network should use 802.11g WAPs to increase throughput The wireless access point is experiencing RF interference A high signal-to-noise ratio on the wireless network

The wirless access point is experiencing RF interfence. OBJ-5.4: If interference in the wireless spectrum occurs, more retransmissions will be needed (and thereby slowing speeds experienced and increasing latency).

After upgrading a fiber link from 1 Gbps to 10 Gbps. A network technician ran a test of the link and the link is not connecting properly. The two routers are 450 meters apart and are connected using a MMF fiber with 10GBaseLR SFP+ transceivers. The fiber runs through the electrical and boiler rooms of each building. Which of the following is the MOST likely cause of the connectivity issues? Interference from the electrical room There is a short in the cable The wrong transceivers are being used There is heat from the boiler room

The wrong transceivers are being used OBJ-5.2: The transceivers being used are 10GBaseLR, which are used with single mode fiber (SMF), not multimode fiber (MMF). Since the network is already using MMF fiber and was previously working, the technician should replace the 10GBaseLR SFP+ transceivers with 10GBaseSR SFP+ transceivers instead. Now, this is a difficult question, but if you take it one step at a time, you can also use the process of elimination to get the right answer if you weren't sure of which type of transceiver to use. First, the question is using a fiber connection, so it will not be subject to electrical interference. Second, fiber is not affected by heat like copper connections, therefore the boiler room option can be eliminated. Third, an open or short condition only occurs with copper cables, not fiber, therefore this option can also be eliminated. This leaves you with the incorrect transceiver being used as the only possible correct option.

When using a Type 1 hypervisor virtualized environment, which of the following hardware types is necessary to connect the VMs to the corporate network? VDI VPN VNC Virtual NIC

Virtual NIC OBJ-1.2: A virtual machine includes a virtual NIC. A virtual NIC is a type of virtual adapter that can be configured on logical partitions to provide a network interface. This virtual NIC can be paired and mapped to a physical NIC to get the VM onto the network. Virtual Desktop Infrastructure (VDI) is a software technology that separates the desktop environment and associated application software from the physical client device that is used to access it. A virtual private network (VPN) extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Virtual Network Computing (VNC) is a cross-platform screen sharing system that was created to remotely control another computer from a distance by a remote user from a secondary device as though they were sitting right in front of it.

You just arrived at school today, pulled your laptop out of your backpack, and tried to connect your laptop to the Wi-Fi network. It worked fine yesterday, but today it won't connect automatically or display any available networks. You haven't done anything to the laptop since you left class yesterday. You ask your classmates if they can connect to the Wi-Fi, and every one of them is connected without any issues. What should you check FIRST in your attempt to connect your laptop to the Wi-Fi? IP address issued by the DHCP server Wireless switch on your laptop The configuration of the access point Wireless controller configuration

Wireless switch on your laptop OBJ-5.4: Since everyone else's laptops are connected without any issues, the problem is not with the network but with your laptop in some form. This rules out the wireless controller configuration or access point settings since those are both things that would affect all users on the network. Additionally, as a student at the school, it is unlikely you have access to check the configuration of the access point or wireless controller. Since you are not connected or finding any networks, you won't have a DHCP address assigned either. The most likely cause of your issue is that the wireless switch on your laptop was accidentally switched to the off position when you put your laptop in your backpack. Now, not all laptops have a wireless switch, but from the options provided, this is the most logical answer. If you have a MacBook, for example, they do not use a physical wireless switch. If you are troubleshooting this issue using the bottom-to-top methodology, you would start with layer 1 of the OSI model, the physical layer. In this case, the physical layer would relate to your wireless networking card and the radio frequencies it is supposed to transmit. Continue Retake test

You are troubleshooting a network connectivity issue on a student's workstation at Dion Training. The wireless access point for the DionTraining network is set to not broadcast its network identifier. The student enters DIONTRAINING as the network name, then attempts to connect to this "Open" wireless access point. The student's classmates have all been able to connect successfully to the network, but this workstation fails to successfully connect. Which of the following issues is indicated by this failure to connect? Wrong SSID Incorrect passphrase Insufficient wireless coverage Encryption protocol mismatch

Wrong SSID OBJ-5.4: The service set identifier (SSID) is a natural language name used to identify a wireless network. If a network is manually configured and the incorrect SSID is entered, the device will be unable to connect to the network. In this scenario, the network name (SSID) is DionTraining, but the student entered DIONTRAINING instead. SSIDs are case sensitive, so DionTraining and DIONTRAINING would be considered two different networks. This indicates the wrong SSID was entered. Encryption protocols are used to protect WEP, WPA, and WPA2 wireless networks. WEP wireless networks utilize the RC4 encryption protocol. WPA wireless networks utilize the TKIP encryption protocol. WPA2 wireless networks utilize the AES encryption protocol, but they also can support the TKIP encryption protocol, as well. The network in this scenario was an "Open" network, which indicates it does not require an encryption protocol. If the wrong encryption protocol is used, the wireless client and the wireless access point will be unable to communicate. The passphrase in a wireless network serves as the password or network security key. If the incorrect passphrase was entered, you will receive an error such as "Network security key mismatch" and the wireless device will be unable to communicate with the wireless access point. The received signal strength indication (RSSI) is an estimated measure of the power level that a radio frequency client device is receiving from a wireless access point. If the RSSI is -90dB to -100dB, this indicates an extremely weak connection and insufficient wireless coverage in which the area the device is operating.

Which of the following requires that all users, whether inside or outside the organization's network, be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data? Acceptable use policy Zero trust Defense in depth Least privilege

ZERO TRUST OBJ-4.1: Zero-trust is a security framework that requires all users, whether in or outside the organization's network, to be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data. Least privilege is the concept and practice of restricting access rights for users, accounts, and computing processes to only those resources absolutely required to perform routine, legitimate activities. Privilege itself refers to the authorization to bypass certain security restraints. Defense in Depth is an approach to cybersecurity in which a series of defensive mechanisms are layered in order to protect valuable data and information. An acceptable use policy (AUP) is a set of rules applied by the owner, creator, or administrator of a network, website, or service, that restrict the ways in which the network, website, or system may be used and sets guidelines as to how it should be used.

You have been asked to connect three 802.11a devices to an 802.11g access point configured with WEP. The devices are within 20 feet of the access point, but they still cannot associate with the access point. Which of the following is the MOST likely cause of the devices not associating with the WAP? Frequency mismatch Signal loss Mismatched encryption Interference

frequency mismatch OBJ-2.4: 802.11a operates in the 5 GHz band, while 802.11g operates in the 2.4 GHz band. Therefore, 802.11a devices will be unable to communicate with 802.11b or 802.11g access points. Wireless networks utilize three different frequency bands: 2.4 GHz, 5 GHz, and 6 GHz. The 2.4 GHz frequency band is used by 802.11b, 802.11g, and 802.11n. The 5 GHz frequency band is used by 802.11a, 802.11n, 802.11ac, and 802.11ax. The 6 GHz frequency band is used by Wi-Fi 6E under the 802.11ax standard.

What anti-malware solution is installed as a dedicated on-premise appliance to scan all incoming traffic and prevent malware from being installed on any of your clients without requiring the installation of any software on your clients? Network-based anti-malware Signature-based anti-malware Host-based anti-malware Cloud-based anti-malware

network-based anti-malware OBJ-2.1: The network-based anti-malware can help prevent malware attacks by scanning all incoming data to prevent malware from being installed and infecting a computer. Network-based anti-malware solutions can be installed as a rack-mounted, in-line network appliance in your company's on-premise datacenter to protect every client and server on the network without having to install software on each of the clients. Network-based anti-malware solutions often come as part of a unified threat management (UTM) appliance. Cloud antivirus is a programmatic solution that offloads antivirus workloads to a cloud-based server, rather than bogging down a user's computer with a complete antivirus suite. Cloud-based solutions do not use on-premise appliances as part of their installation. Host-based anti-malware relies upon the installation of an agent to detect threats such as viruses, spam, and rootkits to protect the client it is installed upon. Host-based malware often uses signatures to detect and remove malicious code. Signature-based anti-malware is a generic category of malware that may be implemented through host-based, network-based, or cloud-based anti-malware solutions. Anti-malware either operates using signature-based detection, behavioral-based detection, or heuristic-based detection.

You are currently troubleshooting a network connection error. When you ping the default gateway, you receive no reply. You checked the default gateway, and it is functioning properly, but the gateway cannot connect to any of the workstations on the network. Which of the following layers could be causing this issue? Presentation Physical Session Transport

physical OBJ-1.1: Ping requests occur at layer 3 (Network Layer). Therefore, the problem could exist in layer 1 (physical), layer 2 (data link), or layer 3 (network). Since Physical (layer 1) is the only choice from layers 1-3 given, it must be the correct answer. Also, since the gateway cannot reach any of the other devices on the network, it is most likely a cable (physical) issue between the gateway and the network switch.